The dance that never ends.
Microsoft released 13 security bulletins, patching 22 vulnerabilities across its product line, including two critical updates affecting Internet Explorer and the Windows DNS Server.
While Microsoft issued fewer updates this month, August was still marked as a busy month for system administrators. Adobe Systems Inc., which issues fixes on a quarterly cycle, issued a critical security update late Tuesday, repairing seven flaws in its Shockwave Player, more than a dozen holes in its Flash Player and an error in its Flash Media Server.
Microsoft addressed seven vulnerabilities in Internet Explorer including two zero-day flaws. According to MS11-057, Microsoft said an attacker who successfully exploited any of the vulnerabilities could gain the same user rights as the local user. Microsoft said the most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer
. . .
Another noteworthy bulletin is MS11-065, which resolves a vulnerability in the Remote Desktop Protocol. Although the security bulletin is rated important for users of Windows Server 2003, Miller said Microsoft has seen attacks targeting the flaw in the wild. The flaw can be targeted if an attacker sends a malicious remote desktop protocol connection request to the victim’s computer which could cause the system to crash.
Microsoft Security Bulletin Summary for August 2011
Microsoft Fixes IE, Windows DNS Server Flaws In Patch Tuesday Update
Microsoft Patches 22 Security Holes
Microsoft Security Patch Fixes 20-Year-Old Flaw
Microsoft fixes 22 security bugs
Microsoft’s August Patch Tuesday security update to tackle critical flaws in IE and Windows Server
Your Microsoft Patch Tuesday update for August 2011
Microsoft to Fix 22 Software Flaws in Its August Patch Tuesday Update
Hefty Microsoft August Patch Delivers 13 Security Fixes
IE, Windows server bugs likely to be exploited soon
Microsoft expecting exploits for critical IE vulnerabilities
Get busy downloading.
/so, until the next Patch Tuesday . . .
Filed under: Blog Entry | Tagged: Addressed, Adobe Systems, Attacker, Attacks, Bulletin, Cause, Computer, Crash, Critical, Critical Security Update, Critical Updates, Exploited, Fixes, Flash Media Server, Flash Player, Flaw, Holes, Important, Internet Explorer, Local User, Malicious Remote Desktop Protocol Connection Request, Microsoft, Microsoft Patch Tuesday, MS11-057, MS11-065, Patch, Product Line, Quarterly Cycle, Rated, Remote Code Execution, Remote Desktop Protocol, Resolves, Security, Security Bulletin, Security Update, Shockwave Player, Specially Crafted, Specially Crafted Web Page, Successfully Exploited, System, System Administrators, Targeting, Update, User Rights, Users, Victim, Views, Vulnerabilities, Vulnerability, Web Page, Windows, Windows DNS Server, Windows Server 2003, Zero-Day Flaws |